Virtual Networks and Subnets
Design an Azure Virtual Network (VNet) with subnets, understand CIDR addressing, and isolate workloads using network boundaries.
What Is an Azure Virtual Network?
An Azure Virtual Network (VNet) is a logically isolated network in the Azure cloud that you define and control. It is the fundamental building block of Azure networking, enabling Azure resources such as virtual machines, databases, and app services to communicate securely with each other, the internet, and on-premises networks. A VNet is scoped to a single Azure region and a specific IPv4 (and optionally IPv6) CIDR address space that you define when creating it.
# Create a VNet with address space 10.0.0.0/16
az network vnet create \
--resource-group myRG \
--name myVNet \
--address-prefix 10.0.0.0/16 \
--location eastusVNet Address Space and CIDR Notation
When creating a VNet, you assign an address space using CIDR notation. CIDR (Classless Inter-Domain Routing) notation specifies both the network address and the number of bits used for the network prefix. For example, 10.0.0.0/16 gives you 65,536 IP addresses (10.0.0.0 through 10.0.255.255). The address space must be a private IP range (10.0.0.0/8, 172.16.0.0/12, or 192.168.0.0/16 per RFC 1918). Choose an address space large enough to accommodate all planned subnets with room to grow, but avoid overlapping with on-premises networks if you plan a hybrid connection.